Ask the Experts

Ask the Experts

• Can S/MIME, XML and IPsec operate in one protocol layer?

  It is possible to build security systems that reside within a single layer of the OSI model, but why limit yourself?  Continue Reading

• How to prevent DDoS attacks on websites

  Expert Mike Chapple reviews actions that you can take to protect yourself against large-scale DDoS attacks.  Continue Reading

• How to configure firewall ports for webmail system implementation

  Network security expert Mike Chapple explains why he always recommends placing any server accessible from the Internet into the DMZ.  Continue Reading

• What does 'invoked by uid 78' mean?

  Are you seeing a 'uid 78' in your emails? In this expert response, Michael Cobb explains what the message means.  Continue Reading

• What are the best practices for IPS implementation?

  Implementing an intrusion prevention system can be a tricky proposition. Network expert Mike Chapple explains some common IPS deployment challenges.  Continue Reading

• How should service providers address VoIP security issues and threats?

  Many VoIP providers do not offer encryption services due to the difficulty inherent in encrypting voice traffic. Network security expert Mike Chapple explains what you can do to secure voice over IP networks.  Continue Reading

• How to create a secure network through a shared Internet connection

  When setting up a corporate network through a shared Internet connection, security is of paramount importance. Learn best practices for creating this kind of network from expert Mike Chapple.  Continue Reading

• How to prevent network denial-of-service attacks

  Expert John Strand explains how to shore up security as you plan a large-scale advertising campaign.  Continue Reading

• What security software should be installed on Internet café computers?

  The security provided by many Internet cafes and other similar public access points has greatly improved over the last few years. But that's no substitute for due diligence on the part of users, says expert Michael Cobb.  Continue Reading

• How to harden Linux operating systems

  Specific advice on hardening a server depends to some extent on its intended role, says expert Michael Cobb in this SearchSecurity.com Q&A.  Continue Reading

• What are today's antivirus software trends?

  Expert John Strand reveals two exciting trends in antivirus software.  Continue Reading

• How to prevent and build protection against online identity theft

  In this expert response, John Strand explains what to do when your personal identity is impersonated online.  Continue Reading

• How to detect input validation errors and vulnerabilities

  Expert John Strand reviews how to spot input validation flaws on your websites.  Continue Reading

• How secure are iPhone App Store mobile applications?

  Expert Michael Cobb reviews the steps that Apple has taken to ensure the quality and safety of any applications developed for the iPhone.  Continue Reading

• Can secure USB devices prevent man-in-the middle attacks

  Expert John Strand reveals an interesting way of addressing man-in-the-middle attacks.  Continue Reading

• The telltale signs of a network attack

  Some people believe that if IP addresses from China are attacking their network, then they are under attack from China. Expert John Strand explains why all that it is irrelevant.  Continue Reading

• Is there a spy on my mobile device?

  This is a growing area of concern, as many people are trying to get more and more "hands-free" with their phones. John Strand explains how some hackers can eavesdrop on mobile phone conversations.  Continue Reading

• How to create configuration management plans to install DLP

  Installing DLP products on a network can require a lot of configuration management planning that includes cooperation between many business groups. In this security management expert response, learn how to do a network architecture review to install...  Continue Reading

• What are the key provisions of Massachusetts Executive Order 412?

  Agencies must now give their full cooperation to the Massachusetts Information Technology Division (ITD), which has been given more control over IT spending. Michael Cobb reviews Massachusetts' Executive Order 412  Continue Reading

• How to detect keyloggers

  In this expert response, Michael Cobb explains how to detect the many rootkits available to today's attackers.  Continue Reading

• How to set up a corporate cell phone management strategy

  Mobile devices are ubiquitous in today's enterprise environments, but how can security pros keep them from becoming malware-laden, data-leaking devices? In this expert response, Mike Chapple gives pointers on a corporate cell phone management ...  Continue Reading

• Best practices for log data retention

  Figuring out how long to retain log data and how much log data should be kept in the event of incident response can be tricky to navigate. In this information security management expert response, David Mortman gives best practices for log data ...  Continue Reading

• How to secure SSL following new man-in-the-middle SSL attacks

  Man-in-the-middle SSL attacks at Black Hat D.C. exposed a flaw in the https structure, so how can you avoid such an attack at your enterprise? Find out in Mike Chapple's expert response.  Continue Reading

• How to check for attack data on network logs without SIMs

  If you don't have a lot of time, but you also don't have a SIM, how can you regularly check for attack data in network logs? Network security expert Mike Chapple gives best practices.  Continue Reading

• How to avoid HIPAA Social Security number compliance violations

  It can be difficult to decipher what a HIPAA Social Security number violation is. In this information security management expert response, David Mortman explains how to avoid HIPAA SSN violations as an employer.  Continue Reading

• How do I transition to a career in IT security?

  Looking to move into a career in IT security? Network security expert Mike Chapple how to take a business or sales background and turn it into just that.  Continue Reading

• Best practices for choosing an information security team new hire

  Hiring someone for your information security team? In this expert response, information security management expert David Mortman explains what relevant information security experience is.  Continue Reading

• The case against UTM: Is there a better alternative?

  Unified threat management (UTM) promises tighter security with less required oversight, but are there security risks inherent in deploying UTM appliances? Enterprise network security expert Mike Chapple weighs in.  Continue Reading

• A simple substitution cipher vs. one-time pad software

  Both a simple subsitution cipher and one-time pad software have data encryption benefits despite their differences.  Continue Reading

• What Obama's Blackberry means for mobile device security

  Barack Obama started an uproar in the security community by being the first president to carry a Blackberry. How secure are these mobile devices? Should any enterprise CEO or vice president have one?  Continue Reading

• When should a virtual patch be used?

  Learn how virtual patches can help administrators review, test and schedule official patch updates and find out about the benefits a virtual patch provides, such as protection against identified vulnerabilities.  Continue Reading

• Is it more secure to have a mainframe or a collection of servers?

  The general public may think that mainframe computing is a thing of the past, but expert Michael Cobb reviews why the mainframe is still the cornerstone most large IT projects.  Continue Reading

• What are the best network security books?

  Security expert Mike Chapple reveals his favorite network security books.  Continue Reading

• How to estimate log generation rates

  In this expert response, Mike Chapple explains why estimating log generation rates is so difficult.  Continue Reading

• Are encrypted, self-deleting USB storage drives worth the investment?

  Expert Michael Cobb explains why some high-end, encrypted, self-deleting USB drives are worth looking into and may be a good investment.  Continue Reading

• Can read/write access policies be put on a SAN server?

  A SAN usually contains an organization's most critical data, centralized in one convenient location. Platform security expert Michael Cobb explains how to be protect that information.  Continue Reading

• What is the best operating system for an FTP server implementation?

  When it comes to recommending an operating system for a task such as hosting an FTP server, expert Michael Cobb says it depends on what in-house expertise you have.  Continue Reading

• Are message stubs a secure part of email retention policies?

  Because deleting older emails is not an option for many companies, email "stubs" have been an alternative for organizations looking to archive their messages. Michael Cobb reviews email stubbing and its possible security limitations.  Continue Reading

• What is most misunderstood about EV SSL certificates?

  Are there any calculators to help estimate log generation based on number of devices and best practices?  Continue Reading

• IT auditing applications and tools for ISO 27002 certification

  Gaining ISO 27002 certification can be a daunting process, so what auditing tools can help? David Mortman weighs in on how to choose the best auditing tool for your organization.  Continue Reading

• How does a Web server model differ from an application server model?

  A Web server model and an application server model share many similarities but require different defense methods. Each model, for example, calls for distinct placement of application servers.  Continue Reading

• How to choose a general security risk assessment

  Looking to do a general security risk assessment, but aren't sure how to choose one? In this security management expert response, David Mortman explains how to assess risk and get the funding you need to mitigate it.  Continue Reading

• How to quantify business risk exposure to malware

  How safe is your enterprise from data-stealing malware? How can you know where your security program falls short? Find out how to gauge enterprise risk exposure to malware in this expert response.  Continue Reading

• What are the ethical issues when consulting for two competing companies?

  Security consulting is a job in which privacy is paramount. Leaking security strategies to the wrong people -- especially a company's competition -- could lead to breaches or break ins. In this expert response, David Mortman gives best practices for...  Continue Reading

• Employee information security awareness training for new IAM systems

  When an enterprise gets new IAM systems, training employees on how to interact with the technology is one of the most important aspects of deployment. Learn how to implement employee information security awareness training for new IAM systems and ...  Continue Reading

• How can 419 scam emails and backscatter spam be stopped?

  A 419 scam is just one example of backscatter spam. John Strand explains which long-term solutions can help combat these particular kinds of unwanted messages.  Continue Reading

• Will Google Chrome enhance overall browser security?

  Expert John Strand reviews Google Chrome's browser security features and what the new tool will mean for enterprise IT teams.  Continue Reading

• How to prevent SSH brute force attacks

  Brute force attacks on the Secure Shell (SSH) service have been used more frequently to compromise accounts and passwords. Expert John Strand explains how to defend against these brute-force threats.  Continue Reading

• How to secure a website containing badware (banner82)

  In an expert Q&A, John Strand reviews how SQL injection attacks can lead to banner82 attacks and a "badware" label for your website.  Continue Reading

• When should a database application be placed in a DMZ?

  Mike Chapple explains the best network location for an important database application. Chapple also reveals the appropriate level of access to grant remote users.  Continue Reading

• What are the security risks of opening port 110 and port 25?

  If an external manufacturer wants to remotely access its leased copiers, is it risky to open both port 110 or port 25? Mike Chapple reveals a few security repercussions.  Continue Reading

• Do European laws prevent a U.S. company from blocking spam?

  Michael Cobb explores how the Internet -- and the ability to send messages quickly and easily to other countries --has complicated matters of jurisdiction.  Continue Reading

• Can Google Earth and other mash-up applications threaten enterprise security?

  In an expert Q&A, Michael Cobb explores the security issues that occur when an emerging mash-up application like Google Earth is used in the enterprise.  Continue Reading

• How can mobile device data be lost on a peer-to-peer (P2P) network?

  Peer-to-peer telephone services, such as Skype, Free World Dialup (FWD) and Ooma, offer users a way to save significant money on telephone services. But how well do they protect your data?  Continue Reading

• How do I get CPE credits?

  Congratulations, you've earned your CISSP certificate. Now, what are some ways to get CPE credits to keep it up? Find out in this security management expert response.  Continue Reading

• Can you combine RFID tag technology with GPS to track stolen goods?

  When laptops or smartphones are stolen, retrieving them can mean the difference between a data breach a close call. Learn if it's possible to combine RFID tag technology with GPS devices for tracking stolen goods to their exact location, and if so ...  Continue Reading

• What is the cause of an 'intrusion attempt' message?

  Have you ever received a message from your endpoint security product stating that an intrusion attempt has been blocked? Mike Chapple gives three possibilities for the alert's likely cause.  Continue Reading

• Comparing FTP vs. TFTP

  There are some differences between FTP and TFTP, but here's the catch: both are inherently insecure protocols.  Continue Reading

• Front-end/back-end firewalls vs. chassis-based firewalls

  Network security expert Mike Chapple explores the different characteristics of devices using a front-end/back-end topology and chassis-based firewalls.  Continue Reading

• How to configure a firewall to communicate with an upstream router

  When incorprating a new firewall product, configuration problems can occur between the network device and the router. Mike Chapple reviews some common implementation problems.  Continue Reading

• Can an attacker gain mobile device data through a peer-to-peer (P2P) network?

  While peer-to-peer telephone services, such as Skype, Free World Dialup (FWD) and Ooma, are an interesting technology, expert Mike Chapple does not recommend their use for any private communications.  Continue Reading

• Can USB compromise the security of an embedded mobile device?

  USB is only a standard to interface devices to a host computer. Expert Michael Cobb explains why it doesn't provide any security features to protect data that passes through the connection.  Continue Reading

• Should static analysis be a part of the software development process?

  When the cost of addressing security issues increases as the software design lifecycle proceeds, see why expert Michael Cobb says that using static analysis early on can benefit your bottom line.  Continue Reading

• How to prevent cross-site scripting (XSS) session hijacking

  Cross-site scripting and SQL injections still providing hackers with plenty of opportunities to successfully access data or take control of a compromised machine. MIchael Cobb explains how you can improve your application defenses.  Continue Reading

• Should open source disk-encryption software be used?

  When it comes to IT security, Michael Cobb recommends encryption devices or software that provide the most effective product for the threat being mitigated. Sound simple? See if that advice includes open-source tools.  Continue Reading

• Does cloud-based antivirus provide better malware detection?

  Expert John Strand explains some of the drawbacks of a cloud-based antivirus system.  Continue Reading

• How easily can spyware be placed on a mobile phone?

  John Strand reveals just how easy it is for malware and spyware to be placed on your mobile devices.  Continue Reading

• To prevent cross-site scripting, should specific words and characters be rejected?

  In this expert Q&A, John Strand explains which application development best practices can stop cross-site scripting attacks.  Continue Reading

• Is there a free enterprise-caliber password-management tool?

  Enterprise-caliber password-management tools can be very expensive. Learn about a few free open source password management tools that can improve IAM at your enterprise.  Continue Reading

• Cryptosystem attacks that do not involve obtaining the decryption key

  When a cryptosystem is attacked, are there more things to look out for than attacks that involve getting the decryption key? Find out more in this IAM expert response.  Continue Reading

• Boosting morale of the information security staff after a data breach

  After a security breach, the morale of the security team can dwindle. Learn how to boost the morale of the information security staff, including strategies for improved security policy.  Continue Reading

• Can any firm or organization get a digital signature certificate?

  Learn how a firm can obtain a digital signature certificate. Also, learn about several certificate authorities (CA) that manage them.  Continue Reading

• What firewall controls should be placed on the VPN?

  The level of control you place on VPN traffic should be at least as strong as the level of control you place on traffic from similar users on your corporate network. Network expert Mike Chapple explains which firewall controls are necessary.  Continue Reading

• What OSI Layer 4 protocol does FTP use to guarantee data delivery?

  What OSI Layer 4 protocol does FTP use to guarantee data delivery?  Continue Reading

• Should enterprises ban USBs because the DoD banned them?

  When creating a portable device security policy, should an organization take into account the policies of the federal government? In this security management expert response, learn what can be helpful to keeping USB devices secure.  Continue Reading

• What defenses can prevent the hijacking of a city's fiber network?

  How do you prevent a network administrator from hijacking and preventing access to a city's fiber network? The answer is fairly low-tech, says network security expert Mike Chapple.  Continue Reading

• How to obtain a digital certificate for a server

  In order to use SSL-protected communications, such as exchanging Web traffic using the HTTPS protocol, an enterprise must first purchase and then install a digital certificate on its server. In this expert Q&A, Mike Chapple explains how to do just ...  Continue Reading

• Should the CTO have domain administrator access?

  Should a CTO or SVP of technology have domain administrator access? In this identity and access management expert response, learn whose job description should include domain administrator privileges.  Continue Reading

• What are 'phlashing' attacks?

  Phlashing attacks target network devices and other hardware systems that rely upon firmware to contain their operating systems. Network security expert Mike Chapple explains why the threat is more than theoretical.  Continue Reading

• What firewall features will best protect a LAN from Internet hack attacks and malware?

  In the case of a small network, the necessary firewall doesn't need to be anything complicated. Network security expert Mike Chapple reviews the key features of the network device.  Continue Reading

• How to become an information security expert

  According to network security expert Mike Chapple, information security is one of the hottest career fields and shows great potential for growth. Learn why.  Continue Reading

• Is a lack of employee privacy a HIPAA violation?

  Insufficient employee privacy for those who handle Medicare and Medicaid claims can result in a HIPAA violation. Learn how to keep this data safe and keep your organization compliant.  Continue Reading

• Does password sharing in international branches violate SOX?

  Does password sharing in a company's international branch violate Sarbanes Oxley compliance? Learn enterprise password management solutions for international companies.  Continue Reading

• How to create a policy to avoid disgruntled employee data leaks

  When crafting a data security policy, take into account that disgruntled employees may leak data. Learn how to prevent employee data leakage, and how to handle data loss if it occurs.  Continue Reading

• What risks do application virtualization products pose?

  Phrases that continue to be used to describe application virtualization are "isolation" or "bubble," but Michael Cobb examines the possible threats entering or escaping those 'isolated' environments.  Continue Reading

• Can DNS be used to support encryption?

  Expert Michael Cobb says it's more likely that encryption will be used to support DNS than the other way around.  Continue Reading

• How can quality assurance tools aid software development?

  There are an increasing number of tools aimed at improving software quality control and assurance, and they can certainly play a role in producing higher quality software. In this expert Q&A, Michael Cobb explains why the QA products may not be ...  Continue Reading

• How to set up a remote access security policy

  Interested in setting up a remote access security policy for users? Learn to use IPsec vs. SSL VPN and appropriate systems, applications and authentication methods.  Continue Reading

• Ethical hacking techniques for standard penetration testing

  Learn how to form a policy for standard penetration tests including getting written permission. Learn ethical hacking techniques.  Continue Reading

• What are best practices for secure password distribution after a data breach?

  After an information security data breach, it might seem like a good idea to create new user IDs and passwords for all employees in the user directory. But is there an easier way to handle the aftermath of a data breach? Find out more in this IAM ...  Continue Reading

• Best practices for merging with a company that is not PCI compliant

  Learn how to make sure you and your partner are compliant with PCI DSS while you prepare for the merger process.  Continue Reading

• What's the best strategy to catch up on HIPAA compliance quickly?

  Learn how to build a good compliance program for HIPAA in order to protect patient information and avoid fines and penalties.  Continue Reading

• Is it possible to encrypt CDs and DVDs as well as SD cards?

  Encryption is a necessary technology to keep today's enterprises secure, so it makes sense that companies would want to encrypt as much as possible. But are there products available to encrypt CDs, DVDs and SD cards? IAM expert David Griffeth weighs...  Continue Reading

• The top LAN security issues in a client-server network environment

  In this SearchSecurity.com Q&A, network security expert Mike Chapple lays out four of the biggest LAN security threats.  Continue Reading

• Options for a mechanical door security system on a server room door

  After a server room door has been compromised, finding a more secure solution is of utmost importance. Learn how to choose a server room door that can secure your server without breaking the bank.  Continue Reading

• Should tunnels be connected from an ISP to an internal data center?

  A SearchSecurity.com reader needs to pass programs and data from an internal data center to an ISP data center through a secure tunnel. Mike Chapple tells him how to best initiate connections.  Continue Reading

• How will many firewalls serving as the default gateway affect the DMZ?

  If you attempt to have multiple firewalls connected to the same network segment, all serving as the default gateway, routing problems will ensue. Network security expert Mike Chapple explains.  Continue Reading

• What is the GISP certification and how does it compare to the CISSP certification?

  In the world of security certifications, what is the GISP and how alike is it to the CISSP? In this security management expert response, learn about scenarios when the GISP might be appropriate and how industry-relevant it may be.  Continue Reading

• Can mutual authentication beat phishing or man-in-the-middle attacks?

  What's the best way to prevent phishing and man-in-the-middle attacks? IAM expert David Griffeth explains the benefits of mutual authentication over one-way SSL.  Continue Reading

• Comparing access control mechanisms and identity management techniques

  In the IAM world, what's the difference between access control and identity management. This IAM expert response explains how the two relate as well as some best practices for both access control mechanisams and identity management.  Continue Reading